Bulletin boards - with names such as Sherwood Forest and Catch-22 - become the venue of choice for phreaks and hackers to gossip, trade tips, and share secret phone numbers computer passwords and even credit card numbers.

Someone calling himself Lex Luthor founds the Legion of Doom. Named after a Saturday morning cartoon, the LOD had the reputation of attracting "the best of the best" — until one of the gang's brightest young acolytes, a kid named Phiber Optik, feuded with Legion of Doomer Erik Bloodaxe and got tossed out of the clubhouse. Phiber's friends formed a rival group, the Masters of Deception.

The hacker magazine 2600 begins regular publication, right when TAP was putting out its final issue. The editor of 2600, "Emmanuel Goldstein" (whose real name is Eric Corley), takes his handle from the leader of the resistance in George Orwell's 1984. The publication provide tips for would-be hackers and phone phreaks, as well as commentary on the hacker issues of the day. Today, copies of 2600 are sold at most large retail bookstores.

The Morris Worm: Robert T. Morris, Jr. (RTM), a graduate student at Cornell University and son of a chief scientist at a division of the National Security Agency, launches a self-replicating worm on the government's ARPAnet (precursor to the Internet) to test its effect on UNIX systems. The worm gets out of hand and spreads to some 6000 networked computers, clogging government and university systems. Morris is dismissed from Cornell, sentenced to three years' probation, and fined $10,000.

The Germans and the KGB: In the first cyberespionage case to make international headlines, hackers in West Germany (loosely affiliated with the Chaos Computer Club) are arrested for breaking into U.S.government and corporate computers and selling operating-system source code to the Soviet KGB. Three of them are turned in by two fellow hacker spies, and a fourth suspected hacker commits suicide when his possible role in the plan is publicized. Because the information stolen is not classified, the hackers are fined and sentenced to probation. In a separate incident,

A woman who goes by the handle Natasha Grigori started out in the early starts running a bulletin-board system for softwarepirates. Now, at age “40-plus,” she’s the founder of antichildporn.org, a group of hackers who use their skills to track kiddie-porn distributors and pass the information on to law enforcement.

1990 — Operation Sundevil introduced. After a prolonged sting investigation, Secret Service agents swoop down on organizers and prominent members of BBSs in 14 U.S. cities including the Legion of Doom, conducting early-morning raids and arrests. The arrests involve and are aimed at cracking down on credit-card theft and telephone and wire fraud. The result is a breakdown in the hacking community, with members informing on each other in exchange for immunity. The offices of Steve Jackson Games are also raided, and the role-playing sourcebook GURPS Cyberpunk is confiscated, possibly because the government fears it is a "handbook for computer crime". Legal battles arise that prompt the formation of the Electronic Frontier Foundation.

1990 — LOD and MOD engaged in almost two years of online warfare — jamming phonelines, monitoring calls, trespassing in each other's private computers. Then the Feds cracked down. For Phiber and friends, that meant jail.

During radio station call-in contests, hacker-fugitive Kevin Poulsen and two friends rig the stations' phone systems to let only their calls through, and "win" two Porsches, vacation trips, and $20,000. Poulsen, already wanted for breaking into phone-company systems, serves five years in prison for computer and wire fraud.

Texas A&M University professor receives death threats because a hacker used his computer to send 20,000 racist e-mails.

The first DEF CON hacking conference takes place in Las Vegas. The conference is meant to be a one-time party to say good-bye to BBSs (now replaced by the Web), but the gathering is so popular it becomes an annual event.

1994 summer — Russiancrackers siphon $10 million from Citibank and transfer the money to bank accounts around the world. Vladimir Levin, the 30-year-old ringleader, uses his work laptop after hours to transfer the funds to accounts in Finland and Israel. Levin stands trial in the United States and is sentenced to three years in prison. Authorities recover all but $400,000 of the stolen money.

1994 — Hackers adapt to emergence of the World Wide Web quickly, moving all their how-to information and hacking programs from the old BBSs to new hacker Web sites.

February: Kevin Mitnick was arrested again. This time the FBI accused him of stealing 20,000 credit card numbers. Kevin Mitnick is incarcerated on charges of "wire fraud and illegal possession of computer files stolen from such companies as Motorola and Sun Microsystems" He is held in prison for four years without a trial

The U.S. General Accounting Office reports that hackers attempted to break into Defense Department computer files some 250,000 times in 1995 alone. About 65 percent of the attempts were successful, according to the report.

January: Yahoo! notifies Internet users that anyone visiting its site in recent weeks might have downloaded a logic bomb and worm planted by hackers claiming a "logic bomb" will go off if Mitnick is not released from prison.

During heightened tensions in the Persian Gulf, hackers touch off a string of break-ins Solar Sunrise, a series of attacks targeting unclassifiedPentagon computers and steal software programs, leads to the establishment of round-the-clock, online guard duty at major military computer sites. Then-U.S. Deputy Defense SecretaryJohn Hamre calls it "the most organized and systematic attack" on U.S. military systems to date. An investigation points to two American teens. A 19-year-old Israeli hacker who calls himself The Analyzer (aka Ehud Tenebaum) is eventually identified as their ringleader and arrested. Tenebaum is later made chief technology officer of a computer consulting firm.

Software Security Goes Mainstream In the wake of Microsoft's Windows 98 release, 1999 becomes a banner year for security (and hacking). Hundreds of advisories and patches are released in response to newfound (and widely publicized) bugs in Windows and other commercial software products. A host of security software vendors release anti-hacking products for use on home computers.

Classified computer systems at Kelly Air Force Base in San Antonio, Texas, come under attack from a number of locations around the world, but the attacks were detected and stopped by newly developed Defense Department systems.

U.S. Information Agency Web site is hacked for the second time in six months. The hacker circumvented the agency's Internet security and damaged the hard drive, leaving behind the message "Crystal, I love you" and the signature "Zyklon."

Rep. Curt Weldon, R-Pennsylvania, says Defense Department computers are under a "coordinated, organized" attack from hackers. "You can basically say we are at war," he said.

U.S. President Bill Clinton announces a $1.46 billion initiative to improve government computer security. The plan would establish a network of intrusion detection monitors for certain federal agencies and encourage the private sector to do the same.

January — A Russian cracker attempts to extort $100,000 from online music retailerCD Universe, threatening to expose thousands of customers' credit card numbers. Posting them on a website after the attempt to extort money from the company failed. Barry Schlossberg (AKA Lou Cipher) is successful at extoring 1.4M from CD Universe for "services rendered", in an attempt to "catch the russian hacker".

Hackers break into Microsoft's corporate network and access source code for the latest versions of Microsoft Windows and Microsoft Office software. It is later released to several filesharing networks. The Register splashes with the immortal (and suppositional) headline: 'M$ hacked! Russian Mafia swipes WinME source'.

May — a new virus appeared that spread rapidly around the globe. The "I Love You" virus infected image and sound files and spread quickly by causing copies of itself to be sent to all individuals in an address book.

May — The LoveLetter virus sweeps across the globe in hours, wreaking havoc on networks and causing millions in damage and lost productivity.

2001

Microsoft becomes the prominent victim of a new type of crack that attacks the domain name server. In these denial-of-service attacks, the DNS paths that take users to Microsoft's Web sites are corrupted. The hack is detected within a few hours, but prevents millions of users from reaching Microsoft Web pages for two days.

February — A Dutch cracker releases the Anna Kournikova virus, initiating a wave of viruses that tempts users to open the infected attachment by promising a sexy picture of the Russiantennis star.

March — FBI agent Robert P. Hanssen is charged with using his computer skills and FBI access to spy for the Russians.

March — The L10n worm is discovered in the wild attacking older versions of BIND DNS.

April — FBI agents trick two Russian crackers into coming to the U.S. and revealing how they were cracking U.S. banks.

July — Russian programmer Dmitry Sklyarov is arrested at the annual Def Con hacker convention. He is the first person criminally charged with violating the Digital Millennium Copyright Act (DMCA).

August — Code Red, the first polymorphic worm, infects tens of thousands of machines.

September — The World Trade Center and Pentagon terrorist attacks spark lawmakers to pass a barrage of anti terrorism laws many of which group Hackers as terrorists. and remove many long standing personal freedoms in the name of safety.

July — An Information Security survey finds that most security practitioners favor full disclosure because it helps them defend against hacker exploits and puts pressure of softwarevendors to improve their products.

August — Researcher Chris Paget publishes "shatter attacks," detailing how Windows' unauthenticated messaging system can be used to take over a machine. The paper raises questions about how securable Windows could ever be.

July 25 — Russian Man Sentenced for Cracking into Computers in the United States

August 23 — Jesus Oquendo "sil" of AntiOffline releases "BRAT (http://www.infiltrated.net/brat.c)" Border Router Attack Tool as part of "Theories in Denials of Service in an effort to make administrators aware of the possibility of a worm attack tool capable of breaking backbone routes on the Internet

2004

December — Brian Salcedo sentenced to 9 years in prison for his involvement in hacking into the corporate systems of Lowe's home improvement stores and attempting to steal customer credit card information. The sentence far exceeds the 5 1/2 years that hacker Kevin Mitnick spent behind bars. Prosecutors said the three men tapped into the wireless network of a Lowe's store in Southfield, Mich., used that connection to enter the chain's central computer system in North Wilkesboro, N.C., and installed a program to capture credit card information. No data was actually collected however.